DECOMPOSITION OF POLYNOMIALS 

Raoul Blankertz 

July 5, 2011 

Abstract. This diploma thesis is concerned with functional decomposition
$f = g \circ h$ of polynomials. First an algorithm is described which computes
decompositions in polynomial time. This algorithm was originally proposed by
Zippel (1991). A bound for the number of minimal collisions is derived. Finally
a proof of a conjecture in von zur Gathen, Giesbrecht & Ziegler (2010) is given,
which states a classification for a special class of decomposable polynomials.

Note. This is a modified version of the author's diploma thesis. The main 
changes concern notation and rephrasing of some results. 
1. Introduction

1.1. German introduction. The composition of two polynomials is again a
polynomial. Conversely, one can ask under which circumstances a polynomial is
the composition of two other polynomials, or in other words: when is a
polynomial functionally decomposable? Ritt (1922) studied this question,
assuming C as the ground field. In contrast to multiplicative factorization,
functional decomposition is not unique. Ritt's first theorem states that the
degrees of the components of two different complete decompositions (that is,
the components are indecomposable) are equal up to a permutation. Ritt's second
theorem gives a classification of the solutions of $g_1 \circ h_1 = g_2 \circ h_2$
with $\deg(g_1) = \deg(h_2)$. Both theorems could be generalized to fields of
characteristic zero (see Dorey & Whaples (1974)). However, there are
counterexamples to both theorems over fields of positive characteristic. In
such fields so-called equal-degree collisions occur. These collisions make it
hard to state, or even to estimate, the number of decomposable polynomials over
a finite field, see von zur Gathen (2009). Algorithmically, too, the problem is
harder in positive characteristic, see von zur Gathen (1990a) and von zur
Gathen (1990b).

First, basic concepts are introduced in Chapter 2. Chapter 3 then discusses an
algorithm of Zippel (1991). The algorithm presented by Zippel computes
decompositions of rational functions in polynomial time. Zippel cites some
results from Landau & Miller (1985) on which his algorithm is based. However,
those results were proven there only for the ground field Q and not, as needed,
over a function field $F(t)$ of arbitrary characteristic. A complete description
of this algorithm for the decomposition of polynomials and a proof of its
correctness are given in this thesis. First a relation between the functional
decomposition of a polynomial and the blocks of a certain permutation group is
established. Then it is shown how minimal blocks can be computed efficiently
and how the corresponding decomposition is obtained from them. At the end of
Chapter 3 an upper bound for the number of minimal decompositions of a
polynomial is derived.

Chapter 4 is then devoted to the classification of polynomials of degree
p^ with at least two different decompositions over a field of
characteristic p. This classification was proposed in von zur Gathen, Giesbrecht
& Ziegler (2010) and is proven in this thesis. The proof follows the proofs of
Ritt's second theorem in the works of Dorey & Whaples (1974) and Zannier (1993).

1.2. English introduction. The functional composition of two polynomials
is a polynomial itself. Conversely one could ask, when is a given polynomial
the composition of two other polynomials, or in other words: when is a
polynomial functionally decomposable?

First, in Section 2, basic notions and concepts are introduced. An algorithm
for computing decompositions, which was originally proposed in Zippel
(1991)^1, is discussed in Section 3. The proof relies on a generalization
of results of Landau & Miller (1985). But this generalization lacked a proper
foundation. A proof of correctness and a runtime estimation are provided (20
years later) in this paper. At the end of Section 3 an upper bound for the
number of minimal decompositions of a polynomial is deduced.

In von zur Gathen, Giesbrecht & Ziegler (2010) a classification for
decomposable polynomials of degree p^ over a field of characteristic p was
proposed. This conjecture will be stated and proven in Section 4.

2. Decompositions 

Let F be an arbitrary field. In the runtime considerations of the algorithm in 
Section 3 we restrict F to a field in which one can compute efficiently and in 
Section 4 we restrict F to a field of positive characteristic. One can think of F 
being a finite field, which is the most interesting case. 

Definition 2.1. A polynomial $f$ in $F[x]$ is decomposable if there are $g$ and
$h$ in $F[x]$, both of degrees at least two, such that $f = g \circ h$. The pair
$(g, h)$ is called a decomposition of $f$. A polynomial is indecomposable if it
is not decomposable.

We call a polynomial original if its graph passes through the origin, or,
equivalently, it has a root at zero. A polynomial is normal if it is monic and
original. We call a decomposition $(g, h)$ normal if $g$ and $h$ are normal and we
call it minimal if $h$ is normal and indecomposable.

In a decomposition $(g, h)$, $g$ is uniquely determined by $f$ and $h$, since the
ring homomorphism $F[x] \to F[x]$ with $g \mapsto g \circ h$ is injective.
Furthermore, $g$ is easy to compute by the generalized Taylor expansion, see von
zur Gathen & Gerhard (1999).
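
The computation of g from f and h mentioned above, as an added example (not code from the thesis): over a prime field F_p, f is expanded in powers of h by repeated division with remainder, and f = g o h holds exactly when every remainder is a constant; those constants are the coefficients of g. The function names and the coefficient-list representation are assumptions of this example, and it uses plain repeated division instead of the fast expansion of von zur Gathen & Gerhard.

```python
# Added example: left component g with f = g o h over the prime field F_p.
# Polynomials are coefficient lists, lowest degree first (an assumption of
# this example); [] is the zero polynomial.

def trim(a):
    """Drop leading zero coefficients in place and return the list."""
    while a and a[-1] == 0:
        a.pop()
    return a

def poly_divmod(a, b, p):
    """Quotient and remainder of a by b in F_p[x]."""
    a = trim([c % p for c in a])
    b = trim([c % p for c in b])
    if not b:
        raise ZeroDivisionError("division by the zero polynomial")
    inv = pow(b[-1], -1, p)              # inverse of the leading coefficient
    q = [0] * max(len(a) - len(b) + 1, 0)
    while len(a) >= len(b):
        shift = len(a) - len(b)
        c = a[-1] * inv % p
        q[shift] = c
        for i, bc in enumerate(b):
            a[shift + i] = (a[shift + i] - c * bc) % p
        trim(a)                          # the leading term has been cancelled
    return trim(q), a

def poly_mul(a, b, p):
    """Product of a and b in F_p[x]."""
    if not a or not b:
        return []
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return trim(out)

def compose(g, h, p):
    """g o h in F_p[x], by Horner's rule in the variable h."""
    acc = []
    for c in reversed(g):
        acc = poly_mul(acc, h, p)
        if acc:
            acc[0] = (acc[0] + c) % p
        else:
            acc = [c % p]
        trim(acc)
    return acc

def left_component(f, h, p):
    """Return g with f = g o h, or None if h is not a right component of f.

    Writes f = r_0 + r_1*h + r_2*h^2 + ... with deg r_i < deg h. This h-adic
    expansion is unique, so f = g o h if and only if all r_i are constants.
    """
    h = trim([c % p for c in h])
    if len(h) < 2:
        raise ValueError("h must have degree at least 1")
    rest = trim([c % p for c in f])
    g = []
    while rest:
        rest, r = poly_divmod(rest, h, p)
        if len(r) > 1:                   # non-constant digit: no such g exists
            return None
        g.append(r[0] if r else 0)
    return g

# Sample inputs: x^9 - x over F_3 with both right components from
# Example 3.16, and (x^3 - x)^2 over F_3 from Example 3.14 with p = 3, a = 1.
F_316 = [0, -1, 0, 0, 0, 0, 0, 0, 0, 1]
F_314 = [0, 0, 1, 0, 1, 0, 1]

if __name__ == "__main__":
    print(left_component(F_316, [0, -1, 0, 1], 3))   # h = x^3 - x
    print(left_component(F_316, [0, 1, 0, 1], 3))    # h = x^3 + x
    print(left_component(F_316, [0, 0, 1], 3))       # h = x^2 is no component
    print(left_component(F_314, [0, -1, 1], 3))      # h = x^2 - x
```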



^1 There is a related (unpublished) paper by Zippel from 1996, which was not known to
the author until the submission of the thesis. A subsequent publication of the author's work 
will refer to it. 
Definition 2.2. A linear left composition (linear right composition, linear
composition) of $f$ is the polynomial $\ell \circ f$ ($f \circ \tilde\ell$,
$\ell \circ f \circ \tilde\ell$, respectively) for some linear polynomials $\ell$
and $\tilde\ell$.

The conjugate of a normal polynomial $f$ by a linear polynomial $x + w$ is
the normal polynomial $(x - f(w)) \circ f \circ (x + w)$.

Each non-constant polynomial has a unique linear left composition which
is normal. Namely, if $a$ is the leading coefficient of $f$ and $b$ is its constant
term, then $(a^{-1}x - a^{-1}b) \circ f$ is normal. The functional inverse of a
linear polynomial $\ell = ax + b$ is $\ell^{-1} = a^{-1}x - a^{-1}b$. If a normal
polynomial $f$ has a decomposition $(g, h)$ and $\ell$ is a linear polynomial such
that $\ell \circ h$ is normal, then $g \circ \ell^{-1}$ is normal. This is because
the leading coefficient and constant term of $(g \circ \ell^{-1}) \circ (\ell \circ h) = f$
equal the leading coefficient and the constant term, respectively, of
$g \circ \ell^{-1}$.

Functional decomposition is related to intermediate fields of certain field
extensions in the following way. Let $F(t)$ be the function field in $t$ over $F$.
Then for a given non-constant polynomial $f \in F[x]$ let $\varphi$ be the polynomial
$f - t$ in $F(t)[x]$. Then $\varphi$ is irreducible by the Eisenstein criterion.

If we assume that the derivative $f'$ of $f$ is not zero then the derivative of
$\varphi$ with respect to $x$ is not zero and thus $\varphi$ is separable. In this case,
for a root $\alpha$ of $\varphi$, $F(t)[\alpha] = F(\alpha)$ is a separable field
extension of $F(t)$.

In characteristic $0$ we have $f' \neq 0$. If the characteristic of $F$ is $p$ and
$f' = 0$ then there exists $\tilde f$ such that $f = \tilde f(x^{p^k})$ and
$\tilde f' \neq 0$. If $F$ is finite or is the algebraic closure of a finite field
then the Frobenius endomorphism $x \mapsto x^p$ is an automorphism of $F$. In this
case, by knowing all decompositions of $\tilde f$ one knows all decompositions of
$f$. In general the Frobenius endomorphism is not an automorphism (for example on
function fields), but we will anyway assume that $f' \neq 0$. This assumption
excludes some cases in general, but we lose no generality if $F$ is a finite field.

Now the following theorem states a correspondence between decompositions
of $f$ and intermediate fields of $F(\alpha) \mid F(t)$. A proof of it can be found
in Fried & MacRae (1969).

Theorem 2.3. Let $f$ be a polynomial over $F$ with $f' \neq 0$ and let $\alpha$ be a
root of $f - t \in F(t)[x]$. Let
$L = \{h \in F[x] : h \text{ is normal and } \exists g \in F[x] : f = g \circ h\}$
and let $M$ be the set of intermediate fields between $F(\alpha)$ and $F(t)$. Then
the map $L \to M$ with $h \mapsto F(h(\alpha))$ is bijective.

The minimal polynomial of $\alpha$ over $F(h(\alpha))$ is $h(x) - h(\alpha)$. Thus we
have $[F(\alpha) : F(h(\alpha))] = \deg(h)$.
The set $M$ is a lattice with the inclusion as order (the intersection and the
composition of fields are the meet and the join). It is clear that if
$h = g \circ h^*$, then $F(h(\alpha)) \subseteq F(h^*(\alpha))$. Thus, if we take
$h^* \le h$ to mean that $h = g \circ h^*$ for some $g \in F[x]$, then the bijection
in Theorem 2.3 is an order-reversing bijection of partially ordered sets. Thus
$(L, \le)$ is a lattice, which we call the lattice of decompositions of $f$.



Lemma 2.4. Let $f \in F[x]$ with $f' \neq 0$ and $\ell_1, \ell_2 \in F[x]$ be linear.
Let $\alpha$ be a root of $f - t$ and $\beta$ a root of $\ell_1 \circ f \circ \ell_2 - t$.
Then the field extensions $F(\alpha) \mid F(t)$ and $F(\beta) \mid F(t)$ are isomorphic.

Proof. Let $\Phi\colon F[\alpha] \to F[\beta]$ with $\alpha \mapsto \ell_2(\beta)$ be the
evaluation homomorphism. Since $\beta$ is transcendental over $F$ this homomorphism
is injective and extends to a field homomorphism $\Phi\colon F(\alpha) \to F(\beta)$.
From $\Phi(t) = \Phi(f(\alpha)) = f(\ell_2(\beta)) = \ell_1^{-1}(t)$ follows that
$F(t)$ is mapped to $F(t)$ under $\Phi$. The degrees of the extensions are equal,
hence $\Phi$ is surjective. □

Corollary 2.5. If $\tilde f$ is a linear composition of $f$, then the lattice of
decompositions of $\tilde f$ is isomorphic to the lattice of decompositions of $f$.

Proof. Let $\alpha$ and $\beta$ be roots of $f - t$ and $\tilde f - t$, respectively.
Then the lattice of decompositions of $\tilde f$ is isomorphic to the lattice of
intermediate fields between $F(\beta)$ and $F(t)$. By the previous lemma, this
lattice is isomorphic to the lattice of intermediate fields between $F(\alpha)$ and
$F(t)$, which is in turn isomorphic to the lattice of decompositions of $f$. □

Thus, one needs only to consider normal polynomials and normal decom- 
positions. Furthermore the lattice of decompositions of a normal polynomial is 
invariant under conjugation. 

3. Finding minimal decompositions 

An algorithm that computes functional decompositions of rational functions 
was proposed in Zippel (1991). In this paper Zippel cites results of Landau & 
Miller (1985), on which the algorithm relies. But these results were only proven
for the ground field Q instead of $F(t)$, which would be needed. In the 20 years
since then, nobody seems to have undertaken the somewhat ungrateful task of 
verifying whether Zippel's claims are actually true. A complete description of 
the algorithm for polynomial decomposition and a proof of its correctness will 
be given in this section. 
The main idea for the algorithm is to relate decompositions of $f$ to certain
partitions of the set of roots of $\varphi = f - t$ and to find an efficient way to
compute these partitions. To specify this idea, let $(g, h)$ be a decomposition
of $f$. For each root $\lambda$ of $g - t$ the roots of $h - \lambda$ form a subset of
the roots of $\varphi$. Furthermore two different roots of $g - t$ yield two disjoint
subsets. In this way one can partition the set of roots of $\varphi$ with respect to
a decomposition of $f$. To get a better understanding of the nature of these
partitions we consider the notion of blocks.

3.1. Blocks of imprimitivity. We introduce the notion of blocks of
imprimitivity and its relation to decompositions. For this purpose consider a
finite permutation group $G$ on a finite set $Z$ (that is, a subgroup
$G \subseteq S(Z)$, where $S(Z)$ is the symmetric group on $Z$). The following facts
are mainly taken from Wielandt (1964).

Definition 3.1. A subset $B$ of $Z$ is a block of $G$ if for all $\sigma$ in $G$, the
set $\sigma(B) \cap B$ is empty or equals $B$.

Equivalently, $B$ is a block of $G$ if for all $\sigma$ in $G$ the sets $B$ and
$\sigma(B)$ are disjoint or equal. If $B$ is a block, then any $\sigma(B)$ is a block.
If $G$ is transitive and $B \neq \emptyset$ then $\{\sigma(B)\}_{\sigma \in G}$ is a
partition of $Z$ and is called a complete block system.

Definition 3.2. For a subgroup $U \subseteq G$ and $\alpha \in Z$ the orbit of $\alpha$
under $U$ is the subset $U(\alpha) = \{\sigma(\alpha) \mid \sigma \in U\}$. For a subset
$S \subseteq Z$ the stabilizer of $S$ is the subgroup
$G_S = \{\sigma \mid \sigma(S) = S\}$. We write $G_\alpha$ for $G_{\{\alpha\}}$. A
permutation group $G$ on $Z$ is called regular if $G_\alpha$ is trivial for all
$\alpha$ in $Z$.

For $\sigma \in G$ we have $\sigma G_\alpha \sigma^{-1} = G_{\sigma(\alpha)}$. In
particular, if $G$ is transitive, all stabilizers have the same cardinality, and
$G$ is regular if and only if $G_\alpha$ is trivial for some $\alpha \in Z$.

Lemma 3.3. If $B$ and $C$ are blocks then $B \cap C$ is a block.

Proof. Let $\sigma$ be in $G$. Then
$\sigma(B \cap C) \cap (B \cap C) = (\sigma B \cap B) \cap (\sigma C \cap C)$ and
this is empty if and only if $\sigma B \cap B$ or $\sigma C \cap C$ is empty. If both
are nonempty we get $\sigma(B \cap C) \cap (B \cap C) = B \cap C$, since $B$ and $C$
are blocks. □
Definition 3.4. The blocks $\emptyset$, $Z$, and $\{\gamma\}$, for $\gamma \in Z$, are
called trivial blocks. A nontrivial block is called block of imprimitivity. A
permutation group $G$ on $Z$ is called primitive if there are only trivial blocks.
It is called imprimitive otherwise.

Example 3.5. The alternating group $A_n$ on $\{1, \ldots, n\}$ is primitive: Let
without loss of generality $n > 2$ and assume $B$ is a block with at least two
distinct elements, say $\alpha \neq \beta \in B$. Let $\gamma$ be an arbitrary element
in $\{1, \ldots, n\}$ distinct from $\alpha$ and $\beta$. Then for
$\sigma = (\alpha\ \beta\ \gamma) \in A_n$ we have
$\sigma(\alpha) = \beta \in \sigma B \cap B$. Therefore $\sigma B = B$, and since
$\sigma(\beta) = \gamma \in \sigma B$ we get $\gamma \in B$. This proves
$B = \{1, \ldots, n\}$.

The same holds for $S_n$.

Example 3.6. Let the dihedral group $D_6 = \langle \sigma, \tau \rangle$ act on
$\{1, \ldots, 6\}$ by $\sigma = (1\ 3\ 5)(2\ 4\ 6)$ and $\tau = (1\ 4)(2\ 3)(5\ 6)$.
Then $D_6$ is imprimitive, for example, $\{1, 3, 5\}$ and $\{1, 2\}$ are nontrivial
blocks.

The following theorem is essential for the link between the decomposition 
of polynomials and the theory of blocks. 

Theorem 3.7. Let $G$ be a finite transitive permutation group on a finite set $Z$
and let $\alpha \in Z$. Then the lattice of subgroups between $G_\alpha$ and $G$ is
isomorphic to the lattice of blocks containing $\alpha$.

Proof. For a block $B$ with $\alpha \in B$ define $\Phi\colon B \mapsto G_B$ and for a
subgroup $G_\alpha \subseteq U \subseteq G$ define $\Psi\colon U \mapsto U(\alpha)$. To
prove that both maps are well defined we first show that $G_B$ contains $G_\alpha$.
Let $\sigma$ be in $G_\alpha$. Then $\sigma(\alpha) = \alpha \in B$. Thus
$\sigma(B) \cap B \neq \emptyset$ and therefore $B = \sigma(B)$.

To prove that $U(\alpha)$ is a block, let $\sigma \in G$ and assume $\gamma$ is in
$\sigma(U(\alpha)) \cap U(\alpha)$. Then there are $\tau$ and $\tau'$ in $U$ such that
$\sigma\tau'(\alpha) = \gamma = \tau(\alpha)$. Thus
$\tau^{-1}\sigma\tau'(\alpha) = \alpha$ and therefore
$\tau^{-1}\sigma\tau' \in G_\alpha \subseteq U$. This implies that $\sigma$ is in $U$
and we have $\sigma(U(\alpha)) = U(\alpha)$.

Clearly $\Phi \circ \Psi(U) = \{\sigma \in G \mid \sigma(U(\alpha)) = U(\alpha)\} \supseteq U$.
For the reverse inclusion consider $\sigma \in G$ such that
$\sigma(U(\alpha)) = U(\alpha)$. Thus there is $\tau \in U$ such that
$\sigma\tau(\alpha) = \alpha$. Then $\sigma\tau \in G_\alpha \subseteq U$ and therefore
$\sigma \in U$. Thus we have proven that $\Phi \circ \Psi = \mathrm{id}$. For the other
direction, one finds that
$\Psi \circ \Phi(B) = \{\sigma(\alpha) \mid \sigma(B) = B\} \subseteq B$. Let
$\beta \in B$. Since $G$ acts transitively there is $\sigma \in G$ such that
$\sigma(\alpha) = \beta$. Then $\beta \in B \cap \sigma B$ and thus $\sigma(B) = B$.
Therefore $\beta = \sigma(\alpha) \in \Psi \circ \Phi(B)$. Thus
$\Psi \circ \Phi = \mathrm{id}$ and we have proven that $\Psi$ and $\Phi$ are
bijective. It is now sufficient to show that $\Phi$ is order preserving. Let
$B \subseteq B'$ and $\sigma \in G_B$. Then
$B = \sigma(B) \cap B \subseteq \sigma(B') \cap B'$ and thus $\sigma(B') \cap B'$ is
nonempty. Hence $\sigma$ is in $G_{B'}$. □

We fix the following notation. Let $f$ be a polynomial in $F[x]$ of degree $n$
with $f' \neq 0$. As before define $\varphi = f - t \in F(t)[x]$ and let $\alpha$ be a
root of $\varphi$. Furthermore let $L$ be the splitting field of $\varphi$ over $F(t)$
and let $G$ be its Galois group. Then $G$ acts transitively on the set $Z$ of roots
of $\varphi$. We consider $G$ as permutation group on $Z$.

Corollary 3.8. (i) The lattice of decompositions of $f$ and the lattice of
blocks of $G$ containing $\alpha$ are isomorphic.

(ii) Let $h$ be the right component of a normal decomposition of $f$ and let $B$
be the block corresponding to $h$. Then $\deg(h) = |B|$.

Proof. The lattice of decompositions of $f$ is isomorphic to the lattice of
intermediate fields of $F(\alpha) \mid F(t)$. This in turn is by Galois theory
isomorphic to the lattice of subgroups between $G_\alpha$ and $G$. Thus, by the
previous theorem one achieves an isomorphism between the lattice of
decompositions of $f$ and the lattice of blocks containing $\alpha$.

Let $U$ be the subgroup corresponding to $h$ and $B$ be the corresponding block
(that is, $F(h(\alpha)) = L^U$ and $U(\alpha) = B$). Then
$\deg(h) = [F(\alpha) : F(h(\alpha))] = [L^{G_\alpha} : L^U] = (U : G_\alpha)$. On the
other hand, we have $B = U(\alpha) = \{\sigma(\alpha) \mid \sigma \in U/G_\alpha\}$.
Thus $|B| = (U : G_\alpha) = \deg(h)$. □

3.2. Finding minimal blocks. In this and in the next section we will discuss
an algorithm that computes minimal blocks of the Galois group $G$. This
algorithm and all intermediate results were introduced in Landau & Miller
(1985) for the ground field Q. In our case we have the ground field $F(t)$, but
the proofs are essentially based on Landau & Miller (1985).

From now on we consider only blocks containing $\alpha$. We call a nontrivial
block $B$ minimal if all blocks $B' \subseteq B$ are either trivial or equal to $B$.
If $B$ is minimal, then the corresponding decomposition is minimal.

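Lemma 3.9. The set
$B_\alpha = \{\beta \in Z \mid \forall \sigma \in G_\alpha : \sigma\beta = \beta\}$ is a
block of $G$.

Proof. Let $\beta \in B_\alpha$. Then each $\sigma \in G_\alpha$ fixes $\beta$, hence
$G_\alpha \subseteq G_\beta$. Since $G$ is transitive we have $|G_\alpha| = |G_\beta|$
and thus $G_\alpha = G_\beta$.

Now let $\tau$ be in $G$ and assume $\tau B_\alpha \cap B_\alpha$ is not empty. Then
there are $\beta, \beta' \in B_\alpha$ such that $\tau(\beta) = \beta'$. We have
$G_\alpha = G_\beta = G_{\beta'}$. Let $\gamma \in B_\alpha$. Then
$\tau^{-1} G_\alpha \tau = \tau^{-1} G_{\beta'} \tau = G_\beta = G_\alpha$. Thus for all
$\sigma \in G_\alpha$ we have $\sigma\tau(\gamma) = \tau(\gamma)$. Hence
$\tau(\gamma) \in B_\alpha$. □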

Now factor $\varphi$ over $F(\alpha)$ into irreducible factors $\psi_i$ such that

(3.10)    $\varphi = \prod_{i=1}^{s} (x - \alpha_i) \cdot \psi_{s+1} \cdots \psi_r$,

with $\alpha = \alpha_1$, $\alpha_i \in F(\alpha)$, and $\psi_i = x - \alpha_i$ for
$1 \le i \le s$, and $\deg \psi_i \ge 2$ for $s < i \le r$. Since
$\alpha_i \in F(\alpha)$ for $1 \le i \le s$ there are rational functions $\ell_i$
such that $\alpha_i = \ell_i(\alpha)$. Since $\alpha$ is transcendental over $F$, from
the equation $f(\alpha) = t = f(\ell_i(\alpha))$ follows that $\ell_i$ must be a linear
polynomial. Clearly $\alpha_i$ is in $B_\alpha$ for all $1 \le i \le s$. Let
$\beta \in B_\alpha$. Then $\beta \in L^{G_\alpha} = F(\alpha)$. Thus
$\beta = \ell(\alpha)$ for some linear polynomial $\ell$. We have proven that
$B_\alpha = \{\alpha_i \mid 1 \le i \le s\}$.

Claim 3.11. $H = (\{\ell_i \mid 1 \le i \le s\}, \circ)$ is a group.

The neutral element in $H$ is $\ell_1 = x$. Since $\alpha$ is transcendental over $F$,
the equation $f \circ \ell_i(\alpha) = t = f(\alpha)$ implies $f \circ \ell_i = f$. Then
from $f(\ell_i \circ \ell_j(\alpha)) = f(\ell_j(\alpha)) = t$ follows that
$\ell_i \circ \ell_j(\alpha)$ is a root of $\varphi$ in $F(\alpha)$. Thus there exists
$k$ such that $\ell_i \circ \ell_j = \ell_k$. In the same way by
$f(\ell_i^{-1}(\alpha)) = f \circ \ell_i \circ \ell_i^{-1}(\alpha) = t$ we conclude the
existence of the inverse of $\ell_i$ in $H$.

The following lemma presents us with the opportunity to lay hands on the 
Galois group from a computational point of view. 

Lemma 3.12. The mapping $\Phi\colon G_{B_\alpha} \to H$, $\sigma \mapsto \ell_i^{-1}$
for $\sigma(\alpha) = \alpha_i = \ell_i(\alpha)$, is a surjective homomorphism with
kernel $G_\alpha$.

Proof. Let $\sigma, \tau \in G_{B_\alpha}$ with $\Phi(\sigma) = \ell_i^{-1}$ and
$\Phi(\tau) = \ell_j^{-1}$. Then
$\sigma \circ \tau(\alpha) = \sigma(\ell_j(\alpha)) = \ell_j(\sigma\alpha) = (\ell_j \circ \ell_i)(\alpha)$.
Thus
$\Phi(\sigma\tau) = (\ell_j \circ \ell_i)^{-1} = \ell_i^{-1} \circ \ell_j^{-1} = \Phi(\sigma)\Phi(\tau)$.
Each $\ell_i$ defines an $F(t)$-automorphism on $F(\alpha)$, extends to $L$ and maps
$B_\alpha$ to $B_\alpha$. Thus $\Phi$ is surjective. Finally, $\sigma$ is in the kernel
if and only if $\sigma(\alpha) = \alpha$. This is if and only if $\sigma$ is in
$G_\alpha$. □

Now let $s = n$. Then we have $B_\alpha = Z$ and $L = F(\alpha) = L^{G_\alpha}$. Thus
$G_{B_\alpha} = G$ and $G_\alpha = 1$. In this case $\Phi$ is an isomorphism between
$G$ and $H$ and we can compute all minimal blocks by the algorithm of Atkinson
(1975) in polynomial time. Before we consider the other cases we will see how to
compute the appropriate $h$ from a block $B$. Instead of following Zippel (1991),
we use the following new result.
Lemma 3.13. Let $B$ be a block and $h$ be the right component of a decomposition
of $f$ corresponding to $B$. Then $h(x) - h(\alpha) = \prod_{\gamma \in B}(x - \gamma)$.

Proof. The block $B$ corresponds to the intermediate field $L^{G_B}$ and by
Theorem 2.3 there is a decomposition of $f$ with right component $h$ such that
$L^{G_B} = F(h(\alpha))$. Set $\lambda = h(\alpha)$. Then the minimal polynomial of
$\alpha$ over $F(\lambda)$ is $h - \lambda$. Since $\alpha$ is in $B$ and both polynomials
have the same degree, it is sufficient to show that
$\prod_{\gamma \in B}(x - \gamma)$ is in $F(\lambda)[x]$. Let $\sigma$ be in $G_B$. Then
$\sigma(B) = B$ and therefore
$\sigma(\prod_{\gamma \in B}(x - \gamma)) = \prod_{\gamma \in B}(x - \sigma\gamma) = \prod_{\gamma \in B}(x - \gamma)$.
Since $F(\lambda) = L^{G_B}$ this proves that $\prod_{\gamma \in B}(x - \gamma)$ is in
$F(\lambda)[x]$. □

Note that $\prod_{\gamma \in B}(-\gamma)$ is the constant term of $h(x) - h(\alpha)$.
Since $h$ is normal, we get
$h = \prod_{\gamma \in B}(x - \gamma) - \prod_{\gamma \in B}(-\gamma)$, an explicit
formula.

Example 3.14. Let $p$ be an odd prime and $F$ be a finite field of characteristic
$p$. Let $f = x^2 \circ (x^p - x)$, $a$ be an element of the prime field
$\mathbb{F}_p$ of $F$ and $\zeta$ be either $1$ or $-1$. Then
$f(\zeta x + a) = (\zeta x^p + a^p - \zeta x - a)^2 = f(x)$. Thus, for a root
$\alpha$ of $f - t$ also $\zeta\alpha + a$ is a root of $f - t$. Thus we have $2p$
roots of $f - t$ in $F(\alpha)$ and therefore $F(\alpha) \mid F(t)$ is Galois. Its
Galois group is isomorphic to
$\{(\zeta x + a) \mid \zeta \in \{-1, 1\}, a \in \mathbb{F}_p\} \cong \mathbb{F}_p \rtimes \mathbb{Z}/2\mathbb{Z} \cong D_{2p}$.
The dihedral group $D_{2p}$ has one subgroup of order $p$ and $p$ subgroups of order
two. Hence $f$ has $p + 1$ decompositions. A block with two elements is of the
form $\{\alpha, -\alpha + a\}$. Then
$h(x) - h(\alpha) = (x - \alpha)(x - (-\alpha + a)) = x^2 - ax - (\alpha^2 - a\alpha)$
and we have found the right component of a decomposition of $f$, namely
$h = x^2 - ax$.

Let $1 < s < n$. Then the induced action of $G_{B_\alpha}$ on $B_\alpha$ is determined
by the action of $H$ on $B_\alpha$, since $G_\alpha$ acts trivially on $B_\alpha$. If
there are minimal blocks of $G_{B_\alpha}$ containing $\alpha$, one can find all of
them in polynomial time (by the above mentioned algorithm of Atkinson).

Lemma 3.15. If $A$ is a minimal block of $G_{B_\alpha}$, then $A$ is a minimal block
of $G$.

Proof. Assume $\sigma(A) \cap A \neq \emptyset$ for some $\sigma \in G$. Since
$A \subseteq B_\alpha$ and $\sigma(A) \subseteq \sigma(B_\alpha)$, we get
$\sigma(A) \cap A \subseteq \sigma(B_\alpha) \cap B_\alpha \neq \emptyset$. Thus
$\sigma(B_\alpha) = B_\alpha$, which means that $\sigma$ is in $G_{B_\alpha}$. Since $A$
is a block of $G_{B_\alpha}$, we have $\sigma(A) = A$. If $B \subseteq A$ is a
nontrivial block of $G$, then $B$ is a block of $G_{B_\alpha}$ and thus $B = A$. □

Thus, we can easily compute all minimal blocks that are contained in $B_\alpha$.
Note that if there is no nontrivial block of $G_{B_\alpha}$, then $B_\alpha$ is a
minimal block of $G$.
Example 3.16. Let $p = 3$ and $f = x^9 - x$ over $\mathbb{F}_3$. Let $\alpha$ be a
root of $f - t$. One checks that

$f(x) - f(\alpha) = (x - \alpha)(x - \alpha + 1)(x - \alpha - 1)$
    $\cdot\, (x^2 + \alpha x + \alpha^2 + 1)(x^2 + (\alpha + 1)x + \alpha^2 - \alpha - 1)$
    $\cdot\, (x^2 + (\alpha - 1)x + \alpha^2 + \alpha - 1)$

is the factorization of $f - t$ into irreducible polynomials over
$\mathbb{F}_3(\alpha)$. As shown above $\{\alpha, \alpha - 1, \alpha + 1\}$ forms a
block. Thus for
$h(x) - h(\alpha) = (x - \alpha)(x - \alpha + 1)(x - \alpha - 1) = x^3 - x - (\alpha^3 - \alpha)$
we have that $h = x^3 - x$ is the right component of a decomposition of $f$. One
calculates that the corresponding left component is $g = x^3 + x$.

If $s = 1$ then $B_\alpha = \{\alpha\}$ is trivial. Thus the method above does not
apply. But also if $1 < s < n$, there could be minimal blocks $A$ with
$A \cap B_\alpha = \{\alpha\}$. Thus, let $s < n$. Then $F(\alpha)$ is not Galois and we
have $G_\alpha \neq 1$. Hence $G$ is not regular and the following theorem applies.

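Theorem 3.17. Let $G$ be a finite permutation group on $Z$, which is transitive
and not regular. Then $G$ is primitive if and only if for all distinct $\alpha$ and
$\beta$ in $Z$ we have $\langle G_\alpha, G_\beta \rangle = G$.

Proof. Let $G$ be imprimitive and $A$ be a nontrivial block with
$\alpha, \beta \in A$ and $\alpha \neq \beta$. Then $G_\alpha, G_\beta \subseteq G_A$. Thus
by Theorem 3.7, we get $\langle G_\alpha, G_\beta \rangle \subseteq G_A \neq G$, since
$A \neq Z$.

Now let $\langle G_\alpha, G_\beta \rangle \neq G$ for some $\alpha \neq \beta$. Then
$A = \langle G_\alpha, G_\beta \rangle(\alpha)$ is a block $\neq Z$ as shown in the
proof of Theorem 3.7. If $A$ is nontrivial, then we are done. Thus assume
$A = \{\alpha\}$. Then we have $\sigma(\alpha) = \alpha$ for all $\sigma \in G_\beta$.
Thus $G_\beta \subseteq G_\alpha$. Since $|G_\alpha| = |G_\beta|$ we have
$G_\alpha = G_\beta$. But then $\alpha, \beta \in B_\alpha$ and $B_\alpha$ is trivial only
if $B_\alpha = Z$. Since $G$ is not regular there is $1 \neq \sigma \in G_\alpha$ and
$\gamma$ such that $\sigma(\gamma) \neq \gamma$. Thus $\gamma \notin B_\alpha$. Hence
$B_\alpha \neq Z$, which is thus a nontrivial block. □

Proposition 3.18. Let $A$ be a minimal block of $G$ with $\alpha \in A$ and
$A \cap B_\alpha = \{\alpha\}$. Then for all $\beta \in A$ distinct from $\alpha$ the
orbit $\langle G_\alpha, G_\beta \rangle(\alpha)$ equals $A$.

Proof. Let $\beta \neq \alpha$ be in $A$. Clearly
$\langle G_\alpha, G_\beta \rangle(\alpha) = \{\sigma(\alpha) \mid \sigma \in \langle G_\alpha, G_\beta \rangle\} \subseteq A$.
Now if $G_\alpha = G_\beta$ then $\beta$ would be fixed by $G_\alpha$ and thus
$\beta \in B_\alpha$, which is a contradiction to the assumption. Thus we have
$G_\alpha \neq G_\beta$ and therefore
$|\langle G_\alpha, G_\beta \rangle(\alpha)| > 1$. Thus
$\langle G_\alpha, G_\beta \rangle(\alpha)$ is a nontrivial block contained in $A$,
which implies equality by the minimality of $A$. □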
Lemma 3.19. Let $\varphi = \prod_{i=1}^{r} \psi_i$ be a factorization of $\varphi$ into
irreducible factors $\psi_i$ over $F(\alpha)$. Let $\beta \in Z$ and $j$ be such that
$\psi_j(\beta) = 0$. Then $G_\alpha(\beta) = \{\gamma \in Z : \psi_j(\gamma) = 0\}$.

Proof. If $\psi_j = (x - \beta)$ then $\beta$ is in $F(\alpha)$ and is thus fixed by
$G_\alpha$. Hence the claim holds. Thus let $\deg(\psi_j) \ge 2$. Each
$\sigma \in G_\alpha$ acts trivially on $F(\alpha)$. Thus $\sigma(\psi_j) = \psi_j$ and
$\psi_j(\sigma(\beta)) = \sigma(\psi_j(\beta)) = 0$. Hence
$G_\alpha(\beta) \subseteq \{\gamma \in Z : \psi_j(\gamma) = 0\}$. For the other
direction let $\gamma$ be such that $\psi_j(\gamma) = 0$. Let $M$ be the splitting
field of $\psi_j$ over $F(\alpha)$. Then there is $\sigma$ in
$\mathrm{Gal}(M \mid F(\alpha))$ such that $\sigma(\beta) = \gamma$. Since
$F(\alpha) \subseteq M \subseteq L$ we have that $\sigma$ extends to an automorphism
in $\mathrm{Gal}(L \mid F(\alpha)) = G_\alpha$. Thus $\gamma$ is in $G_\alpha(\beta)$. □

Fix $\nu > s$ and $\beta$ such that $\beta$ is a root of $\psi_\nu$. Note that
$\beta \notin B_\alpha$ and thus $\langle G_\alpha, G_\beta \rangle(\alpha)$ is a block,
which is minimal if there is a minimal block containing $\alpha$ and $\beta$. Let
$\sigma$ be in $G$ such that $\sigma(\alpha) = \beta$ and set
$\psi_i^* = \sigma(\psi_i)$ for all $1 \le i \le r$. Then the polynomials
$\psi_i^* \in F(\beta)[x]$ are the polynomials $\psi_i$ with $\beta$ substituted for
$\alpha$ and the irreducible factors of $\varphi$ over $F(\beta)$ are precisely the
polynomials $\psi_i^*$. Note that if $\gamma$ is a root of $\psi_i^*$ we have
$G_\beta(\gamma) = \{\gamma' \in Z : \psi_i^*(\gamma') = 0\}$ by the previous lemma.

Proposition 3.20. Consider the bipartite graph $\Gamma_\beta$ with the set of
vertices consisting of $\psi_i$ and $\psi_i^*$ for $1 \le i \le r$ and with an
undirected edge between $\psi_i$ and $\psi_j^*$ if $\gcd(\psi_i, \psi_j^*) \neq 1$.
Let $C_\beta$ be the set of roots of those $\psi_i$ that are connected to $\psi_1$.
Then $\langle G_\alpha, G_\beta \rangle(\alpha) = C_\beta$.

Proof. Each element $\gamma$ of $\langle G_\alpha, G_\beta \rangle(\alpha)$ is of the
form $\sigma_u \cdots \sigma_2\sigma_1(\alpha)$ with $\sigma_i$ in $G_\alpha$ or in
$G_\beta$. We prove by induction on $u$ that $\gamma$ is in $C_\beta$. The induction
basis is the fact that $\alpha \in C_\beta$. For the induction step let
$\gamma = \sigma_{u-1} \cdots \sigma_2\sigma_1(\alpha)$ be in $C_\beta$. Then there is
some $i$ such that $\psi_i(\gamma) = 0$ and $\psi_i$ is connected to $\psi_1$. We
distinguish two cases: First we have $\sigma_u \in G_\alpha$. Since
$\sigma_u(\psi_i) = \psi_i$, we have
$0 = \sigma_u(\psi_i(\gamma)) = \psi_i(\sigma_u\gamma)$. Thus also
$\sigma_u(\gamma) \in C_\beta$. In the second case we have $\sigma_u \in G_\beta$. Let
$j$ be such that $\psi_j^*(\gamma) = 0$. Then there is an edge between $\psi_j^*$ and
$\psi_i$ and thus $\psi_j^*$ is connected to $\psi_1$. Since
$\sigma_u(\gamma) \in G_\beta(\gamma)$ we have that also $\sigma_u(\gamma)$ is a root
of $\psi_j^*$. Hence if $\sigma_u(\gamma)$ is a root of $\psi_k$ we have
$\gcd(\psi_k, \psi_j^*) \neq 1$ and thus $\sigma_u(\gamma) \in C_\beta$.

For the other direction, let $\gamma$ be in $C_\beta$ and $i$ such that
$\psi_i(\gamma) = 0$. Then there is a path $P$ from $\psi_1$ to $\psi_i$ whose last
two edges are $(\psi_k, \psi_j^*)$ and $(\psi_j^*, \psi_i)$. By an induction argument
one can assume that the roots of $\psi_k$ are already in
$\langle G_\alpha, G_\beta \rangle(\alpha)$. Since $\gcd(\psi_j^*, \psi_i) \neq 1$ there
is $\beta'$ such that $\psi_j^*(\beta') = 0$ and $\psi_i(\beta') = 0$. Thus, by Lemma
3.19 we get $\gamma \in G_\alpha(\beta')$ and $\beta' \in G_\beta(\alpha')$ where
$\alpha'$ is a common root of $\psi_k$ and $\psi_j^*$. Then
$\alpha' \in \langle G_\alpha, G_\beta \rangle(\alpha)$ and
$\gamma = \sigma_1\sigma_2(\alpha')$ for $\sigma_1 \in G_\beta$ and
$\sigma_2 \in G_\alpha$. Hence $\gamma$ is in
$\langle G_\alpha, G_\beta \rangle(\alpha)$. □

Now let $A$ be a minimal block containing $\alpha$ and $\beta$. In case
$A \subseteq B_\alpha$ we saw that one can calculate $A$ directly and therefore
calculate $h$ by Lemma 3.13. Otherwise by Proposition 3.18 we have
$A = \langle G_\alpha, G_\beta \rangle(\alpha)$. Then as seen in Proposition 3.20 one
can calculate $h$ by $h(x) - h(\alpha) = \prod_{\gamma \in A}(x - \gamma) = \prod \psi_i$,
where the last product is taken over all $\psi_i$ that are connected to $\psi_1$
in $\Gamma_\beta$.

Example 3.16 continued. Let us continue to find decompositions of
$f = x^9 - x$. Let

$\psi_1 = x^2 + \alpha x + \alpha^2 + 1$,

$\psi_2 = x^2 + \alpha x + x + \alpha^2 - \alpha - 1$ and

$\psi_3 = x^2 + \alpha x - x + \alpha^2 + \alpha - 1$.

Then as before we have
$f - t = (x - \alpha)(x - \alpha + 1)(x - \alpha - 1)\psi_1\psi_2\psi_3$. Now let
$\zeta$ be a root of $x^2 + x - 1$ in $\mathbb{F}_9$ and note that we have then

$\psi_1 = (x - (\alpha + \zeta + 1))(x - (\alpha - \zeta - 1))$,
$\psi_2 = (x - (\alpha + \zeta - 1))(x - (\alpha - \zeta))$ and
$\psi_3 = (x - (\alpha + \zeta))(x - (\alpha - \zeta + 1))$.

Let $\beta_1 = \alpha + \zeta + 1$. Then we have that $\psi_1$ with $\beta_1$
substituted for $\alpha$ is $\psi_1^* = (x - \alpha)(x - (\alpha - \zeta - 1))$ and thus
$C_{\beta_1} = \{\alpha, \alpha + \zeta + 1, \alpha - \zeta - 1\}$ is a minimal block.
We get $h(x) - h(\alpha) = (x - \alpha)\psi_1 = x^3 + x - (\alpha^3 + \alpha)$ and thus
the corresponding decomposition has right component $x^3 + x$. Then the
corresponding left component is $x^3 - x$.

Now for $\beta_2 = \alpha + \zeta - 1$ we get
$\psi_3^* = (x - \alpha)(x - (\alpha - \zeta - 1))$. Thus $C_{\beta_2} = C_{\beta_1}$. In
the same way $\alpha - \zeta + 1$ does not yield any further block. Therefore all
in all $f$ has exactly two decompositions over $\mathbb{F}_3$.

Note that going to the extension $\mathbb{F}_9$ of $\mathbb{F}_3$ unveils more
structure. Actually, $f$ has four decompositions over $\mathbb{F}_9$ as we will see
in Example 3.27.

3.3. The algorithm. Zippel (1991) describes loosely an algorithm that com- 
putes decompositions of rational functions. The following is a concrete descrip- 
tion of an algorithm that computes all minimal decompositions of a polynomial, 
whose derivative does not vanish. It is mainly based on Zippel (1991) and on 
Landau & Miller (1985). The runtime estimation in Theorem 3.23 is new. 

Algorithm 3.21 calls a subroutine Atkinson($G$, $Z$, $\alpha$) which returns a list
of all minimal blocks of the permutation group $G$ on $Z$ that contain $\alpha$.
If $G$ is primitive this list consists of $Z$ only.
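
The contract of this subroutine, as an added example (not code from the thesis and not Atkinson's published procedure): for every point b other than a it computes the smallest block containing a and b by closing the relation a ~ b under the generators with a union-find structure, then keeps the inclusion-minimal results. Generators are given as dicts mapping each point to its image, an assumption of this example; the sample groups are the one of Example 3.6 and S_3 on three points.

```python
# Added example: minimal blocks containing a point of a transitive
# permutation group given by generators (dicts point -> image).

def smallest_block(gens, points, a, b):
    """Smallest block of <gens> containing a and b (group assumed transitive).

    The classes of the finest invariant equivalence relation with a ~ b form
    a complete block system; the class of a is the block we want.
    """
    parent = {x: x for x in points}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]     # path halving
            x = parent[x]
        return x

    queue = []

    def union(x, y):
        rx, ry = find(x), find(y)
        if rx != ry:
            parent[ry] = rx
            queue.append((x, y))              # images must be merged as well

    union(a, b)
    while queue:
        x, y = queue.pop()
        for g in gens:
            union(g[x], g[y])
    root = find(a)
    return frozenset(x for x in points if find(x) == root)

def minimal_blocks(gens, points, a):
    """All minimal blocks containing a; [Z] if the group is primitive."""
    candidates = {smallest_block(gens, points, a, b) for b in points if b != a}
    # frozenset '<' is proper inclusion: drop candidates with a smaller one inside
    minimal = [B for B in candidates if not any(C < B for C in candidates)]
    return sorted(minimal, key=lambda B: (len(B), sorted(B)))

# Example 3.6: sigma = (1 3 5)(2 4 6), tau = (1 4)(2 3)(5 6) on {1,...,6}.
SIGMA = {1: 3, 3: 5, 5: 1, 2: 4, 4: 6, 6: 2}
TAU = {1: 4, 4: 1, 2: 3, 3: 2, 5: 6, 6: 5}

# Constructed primitive sample: S_3 on {1,2,3}, generated by (1 2) and (1 2 3).
S3_SWAP = {1: 2, 2: 1, 3: 3}
S3_CYCLE = {1: 2, 2: 3, 3: 1}

if __name__ == "__main__":
    for block in minimal_blocks([SIGMA, TAU], range(1, 7), 1):
        print(sorted(block))
    print([sorted(B) for B in minimal_blocks([S3_SWAP, S3_CYCLE], [1, 2, 3], 1)])
```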
Algorithm 3.21. Computing minimal decompositions.

Input: A monic polynomial $f \in F[x]$ of degree $n$ with $f' \neq 0$.
Output: A list of decompositions $(g, h)$ of $f$. This list is empty if $f$ is
indecomposable.

1. Set List = {} and let $F(\alpha)$ be the rational function field in $\alpha$.
2. Factor $f(x) - f(\alpha)$ in $F(\alpha)[x]$ into
   $\prod_{i=1}^{s}(x - \alpha_i) \cdot \psi_{s+1} \cdots \psi_r$ as in (3.10).
3. If $s > 1$ then
4.     Set $B_\alpha = \{\alpha_i \mid 1 \le i \le s\}$ and
       $H = \{\ell_i \mid 1 \le i \le s\}$ where $\alpha_i = \ell_i(\alpha)$.
5.     Set AtkinsonBlocks = Atkinson($H$, $B_\alpha$, $\alpha$).
6.     For $A \in$ AtkinsonBlocks with $|A| < n$ do 7-9
7.         Compute $h(x) = \prod_{\gamma \in A}(x - \gamma) - \prod_{\gamma \in A}(-\gamma)$.
8.         Compute $g$ such that $f = g \circ h$.
9.         Attach $(g, h)$ to List.
10. For $\nu \in \{s + 1, \ldots, r\}$ do 11-17
11.     Let $\beta$ be a root of $\psi_\nu$ and let $\psi_i^*$ be $\psi_i$ with $\beta$
        substituted for $\alpha$, for all $1 \le i \le r$.
12.     Compute the graph $\Gamma_\beta$ as in Proposition 3.20.
13.     Compute $I_\nu = \{i : \psi_i \text{ is connected to } \psi_1 \text{ in } \Gamma_\beta\}$.
14.     If $I_\nu \neq \{1, \ldots, r\}$ then
15.         Compute $h(x) - h(\alpha) = \prod_{i \in I_\nu} \psi_i$, where $h(x)$ is in
            $F[x]$ normal.
16.         Compute $g$ such that $f = g \circ h$.
17.         Attach $(g, h)$ to List.
18. Return List.



Theorem 3.22. Algorithm 3.21 correctly computes all minimal decompositions
of $f$.

Proof. Let $(g, h)$ be a minimal decomposition and let $A$ be the corresponding
block. Then either $A \subseteq B_\alpha$ or $A \cap B_\alpha = \{\alpha\}$. In the first
case $A$ is computed in Step 5, by Lemma 3.15. Then $h$ is recovered from $A$ in
Step 7, by Lemma 3.13. In the second case let $\beta \in A \setminus \{\alpha\}$ and
$\nu$ such that $\psi_\nu(\beta) = 0$. By Proposition 3.20 we have
$A = C_\beta = \{\gamma : \exists i \in I_\nu : \psi_i(\gamma) = 0\}$, where $I_\nu$ is
computed in Step 13. Then in Step 15 we have
$\prod_{i \in I_\nu} \psi_i = \prod_{\gamma \in A}(x - \gamma) = h(x) - h(\alpha)$, from
which we can recover $h$. □

Note that $C_\beta$ is a block even if there is no minimal block containing
$\alpha$ and $\beta$. Then either $C_\beta$ is minimal and $\beta \notin C_\beta$ or
$C_\beta$ is not minimal and contains minimal blocks. An algorithm that computes
only minimal decompositions (and outputs each decomposition only once) should
keep track of this.

For the runtime consideration let F be a field over which one can factor 
bivariate polynomials in polynomial time (these include, for example, finite 
fields). The gcd computation in Step 12 can be done by computing the re- 
sultant, which can be done in polynomial time. Thus the algorithm can be 
implemented with a polynomial runtime. This was already remarked by Zippel 
(1991). The following runtime estimation for finite fields is new. 

Theorem 3.23. Let F be a finite field, c > 3 be a natural number and n be
the degree of the input polynomial f. Denote the complexity of multiplying
two polynomials over F of degree at most n by M(n) and let q be the size of
F. Then there is an implementation of Algorithm 3.21 that takes an expected
number of (9~(cn^M(n)^ log(g)) operations in F with an error probability of 
at most n^(4n)~'^. 

Proof. The factorization in Step 2 can be done in $O^\sim(n^{\omega+1})$, where $2 < \omega \le 3$
is the matrix multiplication exponent, see Bostan et al. (2004) and Lecerf
(2008). Atkinson's algorithm runs in O(n^), see Atkinson (1975). Butler (1992) 
improved the runtime of Atkinson's algorithm to (9(n^ logn). In Step 8 and 16 
for each right component h the appropriate left component g can be computed in $O(M(n) \log n)$ by the generalized Taylor expansion, see von zur Gathen & Gerhard (1999). Since there are at most s minimal blocks computed by the algorithm of Atkinson, Step 8 is called at most s times. Step 16 is called at most r - s times. Thus we get $O(r M(n) \log n)$ for this part.

To compute the graph in Step 12 we need at most $r^2$ gcd computations. We have to compute r - s such graphs. Thus in total we have at most $(r - s) r^2 < r^3$ such gcd computations. Since the field arithmetic of $F(\alpha, \beta)$ is quite costly, one should use a modular algorithm that checks if two polynomials in $F(\alpha, \beta)[x]$ are coprime. For example one could use Algorithm 3.24 below. We will prove that it has expected runtime $O^\sim(n M(n)^2 \log(q))$ and an error probability of at most $(4n)^{-1}$. If we repeat this coprimality check c times we get for all $r^3$ computations an expected runtime of $O^\sim(c n^4 M(n)^2 \log(q))$, which dominates the runtime of the other computations, and an error probability of at most $1 - (1 - (4n)^{-c})^{n^3} \le 1 - (1 - n^3 (4n)^{-c}) = n^3 (4n)^{-c}$, by the Bernoulli inequality. This finishes the proof of Theorem 3.23. □

Algorithm 3.24. Coprimality in $F(\alpha, \beta)[x]$.

Input: An irreducible polynomial $G \in F[x, y]$ of total degree at most n, that defines $F(\alpha, \beta)$ by $G(\alpha, \beta) = 0$, and two polynomials $g, h \in F[\alpha, \beta, x]$ that are monic in x.

Output: True / False.

1. Let $K' \mid F$ be a field extension of F with $[K' : \mathbb{F}_p] > 4 \log(16n)$.

2. Randomly choose a in K'.

3. Compute a root b of G(a, y) in an extension K of K'.

4. Compute $r = \mathrm{res}(g(a, b, x), h(a, b, x))$.

5. Return True if $r \ne 0$ and False else.

Lemma 3.25. Let F be a finite field of size q. If the total degree of all input polynomials is bounded by n, then Algorithm 3.24 takes an expected number of $O^\sim(M(n)^2 n \log(q))$ operations in F. It returns True only if g and h are coprime. If g and h are coprime the algorithm returns False with probability at most $(4n)^{-1}$.

Proof. First note that for $(a, b) \in K^2$ with $G(a, b) = 0$ the maximal ideal $(\alpha - a, \beta - b)$ in $K[\alpha, \beta]$ gives rise to a place P in $K(\alpha, \beta)$. Substituting a and b for $\alpha$ and $\beta$, respectively, is the same as reducing modulo P. Thus the degree of P is one. If on the other hand P is a place in $K(\alpha, \beta)$ of degree one such that it is neither a pole of $\alpha$ nor of $\beta$, then there exist $a, b \in K$ such that $\alpha = a \bmod P$ and $\beta = b \bmod P$. Then we have $P \cap K[\alpha, \beta] = (\alpha - a, \beta - b)$. Denote such a place by $P_{a,b}$.

Since the leading coefficient of g in x is one, and therefore not zero modulo P, we have $\mathrm{res}(g(a, b, x), h(a, b, x)) = 0$ if and only if $\mathrm{res}(g, h) = 0 \bmod P$ (see Lemma 6.25 in von zur Gathen & Gerhard (1999)). Assume $\rho = \mathrm{res}(g, h) \in K[\alpha, \beta]$ is not zero. Let $A = |\{(a, b) \in K' \times K : G(a, b) = 0\}|$ and $B = |\{(a, b) \in A : \rho = 0 \bmod P_{a,b}\}|$. Then the probability of $\rho$ being zero modulo P is B/A.

We have $B \le |\{(a, b) \in K^2 : G(a, b) = 0 = R(a, b)\}|$, where R is a representative of $\rho$ in F[x, y] of degree less than $2n^2$. If G would divide R, then $\rho$ would be zero. Since G is irreducible we get gcd(G, R) = 1 and thus by Bezout's Theorem we have $B \le \deg(G) \deg(R) < 2n^3$.

Since $\alpha$ and $\beta$ can have at most n poles we have $A \ge N - 2n$, where N is the number of places in $K'(\alpha, \beta)$ of degree one. By the Hasse-Weil Bound (see Theorem V.2.3 in Stichtenoth (1993)) we get $N \ge q' + 1 - 2 g q'^{1/2}$, where q' is the size of K' and g is the genus of $K'(\alpha, \beta)$. By the degree assumption on K' we have that $q' > p^{4\log(16n)} > 16n^4$. By the Riemann Inequality (see Corollary III.10.4 in Stichtenoth (1993)) the genus is bounded by $([K'(\alpha, \beta) : K'(\alpha)] - 1)([K'(\alpha, \beta) : K'(\beta)] - 1) \le (n - 1)^2$. Thus we have $A \ge N - 2n \ge q' + 1 - 2 g q'^{1/2} - 2n > q'^{1/2}(q'^{1/2} - 2g) - 2n > 4n^2(4n^2 - 2(n - 1)^2) - 2n > 8n^4$. Hence $B/A < (2n^3)/(8n^4) = 1/(4n)$, which gives us the claimed error bound.

The resultant computation takes $O((M(n) + n) \log n)$ operations in K (see Corollary 11.16 in von zur Gathen & Gerhard (1999)). Finding a root of G(a, y) in K takes an expected number of $O(M(n) \log n \log(nq))$ operations in K, where q is the size of K (see Corollary 14.16 in von zur Gathen & Gerhard (1999)). We have $\log(q) < [K : \mathbb{F}_p] = [K : F][F : \mathbb{F}_p]$. Unfortunately the degree of K over K' can only be bounded by $\deg_y(G(a, y)) \le n$. Thus [K : F] is in $O(n \log n)$ and finding a root takes $O^\sim(M(n) n \log(q))$ operations in K. Arithmetic in K costs us $O(M(n \log n) \log(n \log n))$ operations in F. Hence with omitting the log factor the expected runtime is in $O^\sim(M(n)^2 n \log(q))$. □
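The one-sided error of Algorithm 3.24 can be seen on a small instance. The following Python sketch is an added example, not part of the thesis, and it simplifies the algorithm: K' and K are both replaced by one prime field with P elements, the root b is found by exhaustive search (a is redrawn when G(a, y) has no root there), and the resultant test is replaced by the equivalent check that the gcd of the specialized monic polynomials is constant. All names and the sample polynomials are constructed for illustration.

```python
import random

P = 10007  # constructed: a prime field F_P standing in for both K' and K

def poly_rem(a, b, p):
    """Remainder of a modulo b over F_p (coefficient lists, lowest degree first)."""
    a, inv = a[:], pow(b[-1], -1, p)
    while len(a) >= len(b):
        q, shift = a[-1] * inv % p, len(a) - len(b)
        for i, bi in enumerate(b):
            a[shift + i] = (a[shift + i] - q * bi) % p
        while a and a[-1] == 0:
            a.pop()
    return a

def coprime_over_fp(a, b, p):
    """True iff gcd(a, b) is a constant, i.e. iff res(a, b) != 0 for monic a, b."""
    while b:
        a, b = b, poly_rem(a, b, p)
    return len(a) == 1

def specialize(poly, a, b, p):
    """Substitute alpha = a, beta = b in {(i, j, k): c} = sum of c alpha^i beta^j x^k."""
    out = [0] * (max(k for (_, _, k) in poly) + 1)
    for (i, j, k), c in poly.items():
        out[k] = (out[k] + c * pow(a, i, p) * pow(b, j, p)) % p
    return out

def coprime_at(G, g, h, a, p):
    """Steps 3-5 for a fixed a; returns None if G(a, y) has no root in F_p."""
    for b in range(p):
        if sum(c * pow(a, i, p) * pow(b, j, p) for (i, j), c in G.items()) % p == 0:
            return coprime_over_fp(specialize(g, a, b, p), specialize(h, a, b, p), p)
    return None

def probably_coprime(G, g, h, p=P, c=3, rng=None):
    """Repeat the test c times; True is always correct, False may be wrong."""
    rng = rng or random.Random()
    runs = 0
    while runs < c:
        verdict = coprime_at(G, g, h, rng.randrange(p), p)
        if verdict is None:
            continue          # no root of G(a, y) in F_p: draw another a
        if verdict:
            return True
        runs += 1
    return False

# Constructed sample: F(alpha, beta) defined by beta^2 = alpha.
G_EX = {(0, 2): 1, (1, 0): -1}            # G = y^2 - x
G_POLY = {(0, 0, 2): 1, (1, 0, 0): -1}    # g = x^2 - alpha = (x - beta)(x + beta)
H_BETA = {(0, 0, 1): 1, (0, 1, 0): -1}    # h = x - beta, divides g
H_ALPHA = {(0, 0, 1): 1, (1, 0, 0): -1}   # h = x - alpha, coprime to g

if __name__ == "__main__":
    print(probably_coprime(G_EX, G_POLY, H_BETA, rng=random.Random(1)))
    print(probably_coprime(G_EX, G_POLY, H_ALPHA, rng=random.Random(1)))
    print(coprime_at(G_EX, G_POLY, H_ALPHA, 1, P))  # a bad specialization
```

At a = 1 the specialization sends both g = x^2 - alpha and h = x - alpha to multiples of x - 1, so a single run reports False although g and h are coprime; this is the error case bounded by Lemma 3.25.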

3.4. An upper bound. Now we will deduce two sharp upper bounds on the 
number of minimal decompositions of a polynomial. These bounds coincide 
partly with results in von zur Gathen et al. (2010). 

Let B and B' be minimal blocks. By Lemma 3.3 their intersection is a block and therefore trivial. Hence, the minimal blocks minus $\{\alpha\}$ are distinct sets in $Z \setminus \{\alpha\}$. Therefore the sum of the cardinality of all minimal blocks minus $\{\alpha\}$ is less than n - 1. Since the cardinality of a block equals the degree of the right component of the corresponding normal decomposition, we get the following results.

Corollary 3.26. Let f be a decomposable polynomial of degree n with $f' \ne 0$.

(i) Let d divide n. Then there are at most (n - 1)/(d - 1) minimal decompositions (g, h) of f with deg(h) = d.

(ii) Let q be the smallest prime divisor of n. Then there are at most (n - 1)/(q - 1) minimal decompositions of f.



Example 3.27. Let p be the characteristic of F and let f be a separable additive polynomial of degree $p^r$ with $r \ge 2$, that is f is of the form $\sum_{i=0}^{r} a_i x^{p^i}$ with $a_0 \ne 0$. Furthermore assume that f splits completely over F. Then the roots of f form a group $G \subseteq F$ which is isomorphic to $(\mathbb{Z}/p\mathbb{Z})^r$. If $\alpha$ is a root of $\varphi = f - t$ then so is $\alpha + a$ for all roots a of f. Thus $\varphi$ is Galois and its Galois group is isomorphic to G. But G has exactly $(p^r - 1)/(p - 1)$ subgroups of order p. Thus f has exactly $(p^r - 1)/(p - 1)$ minimal decompositions. This shows that both bounds are sharp.

Another class of examples, which also shows that these bounds are sharp, is discussed in the next section.



4. A taxonomy 

Zannier (1993) proved Ritt's second Theorem over arbitrary fields with the 
assumption that the derivatives of the right components are nonzero and that 
their degrees are relatively prime. Unfortunately this result is not applicable 
when the degrees are equal - these are so called equal-degree collisions. A clas- 
sification for a special case of equal-degree collision was proposed in von zur 
Gathen et al. (2010), Conjecture 6.7. The main result of this section (Theo- 
rem 4.5) is a proof of this conjecture. The idea is to adapt the proofs of Ritt's 
second Theorem from Dorey & Whaples (1974) and Zannier (1993). In both 
papers the classification is obtained from studying ramification in a rational 
function field. 

4.1. Preliminaries. First we will state some facts from the ramification the- 
ory of function fields. For more details see, for example, Stichtenoth (1993). 
Let F be a field of characteristic p and K be its algebraic closure. Let f be a normal polynomial over F of degree n such that $f' \ne 0$ and $p \mid n$. As in Section 2 let t be transcendental over K. Then $\varphi = f - t$ is irreducible and separable over K(t). Let $\alpha$ be a root of $\varphi$. Then $K(\alpha)$ is an extension of K(t) of degree n. Both function fields are rational (that is, of genus 0). Thus, each finite place P in K(t) corresponds to a monic and irreducible polynomial in K[t] (see Section 1.2 in Stichtenoth (1993)). This polynomial is linear, since K is algebraically closed, say of the form t - c with $c \in K$. In $K(\alpha)$ we have $t - c = f(\alpha) - c = \prod q_i(\alpha)^{e_i}$, where $\prod q_i^{e_i}$ is a factorization of f - c into irreducible factors in K[x]. The $q_i$ are linear and correspond to places $S_i$ in $K(\alpha)$. Then $S_i^{e_i}$ divides P. Since $\sum e_i = \deg f = [K(\alpha) : K(t)]$ we obtain a decomposition $P = \prod S_i^{e_i}$. Thus the multiplicities of f - c correspond to the ramification indices of P, that is $e_i = e(S_i \mid P)$.

Later in this section we wish to have certain multiple roots at the right "place". One can achieve this by conjugation of f (see Definition 2.2). If w has multiplicity m in f - f(w) then the conjugate $(x - f(w)) \circ f \circ (x + w)$ has a root at 0 with multiplicity m.

We will make use of the notion of the different exponent $d(S \mid P)$ of a place $S \mid P$. Mainly we need the following facts about the different exponent (for a definition and further facts see Section III.4 in Stichtenoth (1993)): A place S is unramified over P if and only if $d(S \mid P) = 0$. If S is tamely ramified over P, then $d(S \mid P) = e(S \mid P) - 1$. Since K is algebraically closed, the relative degree of $S \mid P$ equals one. Thus, if P is tamely ramified, we get $\sum_{S \mid P} d(S \mid P) = n - \rho$, where $\rho$ is the number of places in $K(\alpha)$ lying over P. The following results tell us more about the ramification in rational function fields over K. (These results are true for arbitrary fields, but they are needed here only for the algebraic closure of F.)

Proposition 4.1. The place at infinity in K(t) is totally ramified in $K(\alpha)$.

Proof. See Proposition 3.2. in Fried & MacRae (1969). □

Proposition 4.2. Let $E \mid K(t)$ be a finite separable extension. Let P be a place in K(t) and S be a place in E which is totally ramified over P. Let $\pi$ be a prime element of S and $\psi$ its minimal polynomial over K(t). Then $d(S \mid P) = v_S(\psi'(\pi))$, where $v_S$ is the valuation at S.

Proof. See Proposition III.5.12 in Stichtenoth (1993). □

Lemma 4.3. Let $P_\infty$ be the infinite place of K(t) and $S_\infty$ be the place in $K(\alpha)$ over $P_\infty$. Then $d(S_\infty \mid P_\infty) = 2n - 2 - \deg(f')$ and

$\sum_{S \text{ finite}} d(S \mid P) = \deg(f')$.

Proof. Since $S_\infty$ is totally ramified we can apply Proposition 4.2. We have that $\alpha^{-1}$ is a primitive element of $S_\infty$. Let $\psi$ be the minimal polynomial of $\alpha^{-1}$. We have $0 = \alpha^{-n}(f(\alpha) - t) = \tilde f(\alpha^{-1}) - t\alpha^{-n}$, with $\tilde f$ being the reversal of f. Since f is original we have $\deg(\tilde f) < n$. Then $x^n - t^{-1}\tilde f(x)$ is a monic polynomial, and since $[K(\alpha^{-1}) : K(t)] = n$, we get $\psi = x^n - t^{-1}\tilde f(x)$. Thus we have $\psi' = -t^{-1}\tilde f'(x)$ and Proposition 4.2 yields $d(S_\infty \mid P_\infty) = v_\infty(\psi'(\alpha^{-1})) = v_\infty(-t^{-1}\tilde f'(\alpha^{-1})) = v_\infty(-t^{-1}) + v_\infty(\tilde f'(\alpha^{-1}))$. Since $t^{-1}$ is a primitive element of $P_\infty$ we have $v_\infty(-t^{-1}) = n$. Let $\tilde a_j$ be the coefficients of $\tilde f$. Then by the strong triangle inequality we get $v_\infty(\tilde f'(\alpha^{-1})) \ge \min\{v_\infty(j \tilde a_j \alpha^{-(j-1)}) \mid j \tilde a_j \ne 0\}$ and equality since we have $v_\infty(j \tilde a_j \alpha^{-(j-1)}) = j - 1 \ne i - 1 = v_\infty(i \tilde a_i \alpha^{-(i-1)})$ for all $i \ne j$. The (j - 1)-th coefficient of $\tilde f'$ is nonzero if $p \nmid j$ and $\tilde a_j \ne 0$. But since $p \mid n$ this is the case if and only if $p \nmid (n - j)$ and the (n - j)-th coefficient of f is nonzero. Thus, the last nonzero coefficient in $\tilde f'$ is the first nonzero coefficient in f'. Hence $v_\infty(\tilde f'(\alpha^{-1})) = n - (\deg(f') + 1) - 1$ and therefore $d(S_\infty \mid P_\infty) = 2n - 2 - \deg(f')$.

By the Hurwitz Genus Formula we have $2g' - 2 = [K(\alpha) : K(t)](2g - 2) + \sum_S d(S \mid P)$, where g and g' are the genus of K(t) and $K(\alpha)$, respectively (see Theorem III.4.12 in Stichtenoth (1993)). In our case we have g, g' = 0 and thus obtain $\sum_S d(S \mid P) = 2[K(\alpha) : K(t)] - 2 = 2n - 2$. By subtracting $d(S_\infty \mid P_\infty)$ we get $\sum_{S \text{ finite}} d(S \mid P) = 2n - 2 - (2n - 2 - \deg(f')) = \deg(f')$. □

There is also an elementary proof for the last equation of Lemma 4.3 if there 
is no finite wildly ramified place; see the second proof of Lemma 2 in Dorey & 
Whaples (1974). 

Lemma 4.4. Let M and N be two intermediate fields of $K(\alpha) \mid K(t)$ such that $MN = K(\alpha)$ and let Q and R be finite places in M and N, respectively, over a place P in K(t). Let the ramification indices $e = e(Q \mid P)$ and $\tilde e = e(R \mid P)$ be not divisible by the characteristic of K. Then there are $\gcd(e, \tilde e)$ places S in $K(\alpha)$ which lie over Q and over R. Moreover for such a place we have $e(S \mid P) = \mathrm{lcm}(e, \tilde e)$.

This lemma is proven in Dorey & Whaples (1974) with the assumption that 
the characteristic of K is zero. The following proof is only slightly different, 
but does not use this assumption. 

Proof. At first we apply Abhyankar's Lemma (see Proposition III.8.9 in Stichtenoth (1993)) and find that for a place S in $K(\alpha)$, which lies over Q and over R, the ramification index $e(S \mid P)$ equals $\mathrm{lcm}(e, \tilde e)$.

Then we proceed as in Dorey & Whaples (1974). Let $K(t)^P$, $M^Q$, and $N^R$ be the completions of K(t), M, and N with respect to P, Q, and R, respectively.

For readability set E = K(t) and $E^* = K(t)^P$. Note that $K(\alpha) \otimes_E K(t)^P$ is the direct product of the completions of $K(\alpha)$ with respect to the places over P in $K(\alpha)$ (see Proposition II.8.3 in Neukirch (2007)). Since $N \otimes_E M \cong NM = K(\alpha)$ we get $K(\alpha) \otimes_M M^Q = N \otimes_E M \otimes_M M^Q = N \otimes_E M^Q = N \otimes_E (E^* \otimes_{E^*} M^Q) = (N \otimes_E K(t)^P) \otimes_{E^*} M^Q = \bigoplus_R N^R \otimes_{E^*} M^Q$. Thus $N^R \otimes_{E^*} M^Q$ is the direct product of the completions of $K(\alpha)$ with respect to the places that lie over Q and R. These fields are of degree $\mathrm{lcm}(e, \tilde e)$ and the $E^*$-dimension of $N^R \otimes_{E^*} M^Q$ is $e \cdot \tilde e$. Thus there are $e \cdot \tilde e / \mathrm{lcm}(e, \tilde e) = \gcd(e, \tilde e)$ places over Q and R. □

4.2. Decompositions of polynomials of degree $p^2$. We have already seen an example of decomposable polynomials of degree $p^2$: additive polynomials of degree $p^2$ have p + 1 decompositions over a sufficiently large field (see Example 3.27). A classification of the polynomials of degree $p^2$ with at least two normal decompositions is given in the next theorem.

Theorem 4.5. Let F be a field of characteristic p > 0. Let f be a normal polynomial in F[x] of degree $p^2$ with $f' \ne 0$ and at least two normal decompositions. Then exactly one of the following statements holds:

(i) There is $w \in F$ and a divisor m of p - 1 such that for each normal decomposition (g, h) of $(x - f(w)) \circ f \circ (x + w)$ there are a and b in $F^\times$ such that $g = x(x^\ell - a)^m$ and $h = x(x^\ell - b)^m$ with $\ell = (p - 1)/m$.

(ii) There is $w \in F$ and an integer 1 < m < p - 1 such that for each normal decomposition (g, h) of $(x - f(w)) \circ f \circ (x + w)$ there is $r \in \{m, p - m\}$, and $a, b \in F^\times$ such that $g = x^r (x - a)^{p-r}$, $h = x^{p-r} q$, and $h - a = (x - b)^r \tilde q$, where q and $\tilde q$ are squarefree polynomials of degree r and p - r, respectively.

We note that m depends only on f. Since w is a root of f(x) - f(w), the polynomial $(x - f(w)) \circ f \circ (x + w)$ is a conjugate of f. We will see that w is unique in Case (i) and there are two alternative values for w in Case (ii). Additive polynomials fall into Case (i) with m = 1. The proof of this theorem will take the rest of this section.

Let $(g_1, h_1)$ and $(g_2, h_2)$ be two normal decompositions of f. Then there are two intermediate fields M and N of $K(\alpha) \mid K(t)$ that correspond to $(g_1, h_1)$ and $(g_2, h_2)$, respectively. Throughout this section let Q, R, and S denote places in M, N, and $K(\alpha)$, respectively. We have that $M = K(h_1(\alpha))$ and $g_1 - t$ is the minimal polynomial of $h_1(\alpha)$ over F(t). Thus $\sum_{Q \text{ finite}} d(Q \mid P) = \deg(g_1')$, by Lemma 4.3. Since $h_1 - h_1(\alpha)$ is the minimal polynomial of $\alpha$ over M we have $\sum_{S \text{ finite}} d(S \mid Q) = \deg(h_1')$. The analog holds for N. Figure 4.1 illustrates the relation between these fields.

First we will show that we are in the situation in which we can apply Lemma 4.4. Then Corollary 4.10, Lemma 4.12 (which are similar to results in Dorey & Whaples (1974)) and Lemma 4.11 (which is due to Zannier (1993)) will tell us more about the ramification indices in M and N. From this we can make a case distinction, whether there is an unramified place in N over a certain place in K(t) or not. This will lead to the two cases in the theorem.

Claim 4.6. $MN = K(\alpha)$.

Clearly $M \subseteq MN \subseteq K(\alpha)$. If MN = M then $N \subseteq M$, which cannot be since $h_1 \ne h_2$. But since $[K(\alpha) : MN] \mid [K(\alpha) : M] = p$ we have $[K(\alpha) : MN] = 1$.

[Figure 4.1: diagram of the field extensions; recoverable labels: $h_1 - h_1(\alpha)$, $h_2 - h_2(\alpha)$, $K(t)$.]

Claim 4.7. There is no finite place in K(t) that is wildly ramified in $K(\alpha)$.

Assume for contradiction that P is wildly ramified, that is $p \mid e(S \mid P) = e(S \mid Q) e(Q \mid P)$ for $Q = S \cap M$. But then $p \mid e(S \mid Q)$ or $p \mid e(Q \mid P)$. Therefore we have $h_1 - b = (X - a)^p$ or $g_1 - b = (X - a)^p$, which is a contradiction to the assumption $f' \ne 0$.

Now we can apply Lemma 4.4. As in Dorey & Whaples (1974) we need the 
notion of extra places. 



Definition 4.8. Define

$i(P, N \mid K(t)) = \sum_{R \mid P} d(R \mid P)$

and

$i(P, K(\alpha) \mid M) = \sum_{S \mid P} d(S \mid S \cap M)$.

Call P extra in N if $i(P, N \mid K(t)) > i(P, K(\alpha) \mid M)$.

By Proposition 6.7 in von zur Gathen et al. (2010) we have $\deg_2(h_1) = \deg_2(g_2)$, where $\deg_2$ denotes the second degree (that is $\deg(f - a x^{\deg(f)})$ for a polynomial f with leading coefficient a). Since the degree of $h_1$ and $g_2$ is p we have that the second degree is the degree of the derivative plus one and thus $\deg(h_1') = \deg(g_2')$. Then we get $d(R_\infty \mid P_\infty) = 2p - 2 - \deg(g_2') = 2p - 2 - \deg(h_1') = d(S_\infty \mid Q_\infty)$, which proves that $P_\infty$ cannot be extra in N.

Let P be a finite place in K(t) and let Q and R be places over P in M and in N, respectively. Set $e = e(Q \mid P)$ and $\tilde e = e(R \mid P)$. For a place S over Q and R we have $e(S \mid P) = e(S \mid Q) \cdot e$ and $e(S \mid Q) = e(S \mid P)/e = \mathrm{lcm}(e, \tilde e)/e$. Thus $\sum_{S \mid R} d(S \mid Q) = \sum (\mathrm{lcm}(e, \tilde e)/e - 1) = \gcd(e, \tilde e) \cdot (\mathrm{lcm}(e, \tilde e)/e - 1) = \tilde e - \gcd(e, \tilde e)$. We define

$c(Q, R) = \sum_{S \mid R} d(S \mid Q) = \tilde e - \gcd(e, \tilde e)$

and note that $i(P, K(\alpha) \mid M) = \sum_{Q, R} c(Q, R)$.

Lemma 4.9. Let P be a finite place in K(t). Then $\sum_{Q \mid P} c(Q, R) \ge e(R \mid P) - 1$ for all places R over P.

Proof. Let $P = \prod_{i=0}^{\ell} Q_i^{e_i}$ in M. For $d = \gcd(e_i \mid 0 \le i \le \ell)$ we have $d \mid \sum e_i = p$. If d > 1 then we would have d = p and P would be wildly ramified in M, which cannot be. Thus d = 1.

Let R be a place over P with ramification index $\tilde e = e(R \mid P)$. Then as above we have $c(Q_i, R) = \tilde e - \gcd(e_i, \tilde e)$. If $\tilde e = 1$ we have $\sum_i c(Q_i, R) = \sum_i (\tilde e - \gcd(e_i, \tilde e)) = 0 = \tilde e - 1$. Thus assume $\tilde e > 1$. Then $\tilde e$ cannot divide $e_i$ for all i, since their gcd is one. We distinguish two cases:

Case 1: $\tilde e$ divides all but one places Q over P in M. Then let $Q_0$ be the place such that $\tilde e \nmid e_0$. The gcd of $\tilde e$ and $e_0$ divides $\tilde e$ and thus divides all ramification indices of places over P in M. But their gcd is one. Thus the gcd of $\tilde e$ and $e_0$ is one and we have $\sum_{Q \mid P} c(Q, R) \ge c(Q_0, R) = \tilde e - 1$.

Case 2: There are at least two places, say $Q_1$ and $Q_2$, over P in M such that $\tilde e \nmid e_i$ for i = 1, 2. Then we have $\tilde e / \gcd(e_i, \tilde e) > 1$ since else we would have $\tilde e \mid e_i$, which is a contradiction. Thus $\gcd(e_i, \tilde e) \le \tilde e/2$. Hence $\tilde e - \gcd(e_i, \tilde e) \ge \tilde e/2$ and thus $\sum_i c(Q_i, R) \ge c(Q_1, R) + c(Q_2, R) \ge \tilde e > \tilde e - 1$, as claimed. □



Corollary 4.10. There is no finite place in K(t) which is extra in N.

Proof. Let P be a finite place. By Lemma 4.9 we have $\sum_{Q \mid P} c(Q, R) \ge e(R \mid P) - 1$ for all R. But then $i(P, K(\alpha) \mid M) = \sum_{Q, R} c(Q, R) \ge \sum_R (e(R \mid P) - 1) = i(P, N \mid K(t))$ which shows that P is not extra in N. □

As seen in Section 4.1 we have by the Hurwitz Genus Formula

$\sum_P i(P, N \mid K(t)) = \sum_{R \mid P} d(R \mid P) = 2p - 2 = \sum_P i(P, K(\alpha) \mid M)$.

But since there are no extra places in N we get $i(P, N \mid K(t)) = i(P, K(\alpha) \mid M)$ for all places P.

Lemma 4.11. Let P be a finite place in K(t). Then the following statements hold:

(i) For each ramified place R over P in N the ramification index $e(R \mid P)$ divides $e(Q \mid P)$ for all but one place Q over P in M.

(ii) For each ramified place Q over P in M the ramification index $e(Q \mid P)$ divides $e(R \mid P)$ for all but one place R over P in N.

(iii) P is ramified in M if and only if it is ramified in N.

Proof. To prove (i), we claim that the second case in the proof of Lemma 4.9 does not occur. For R falling into Case 2 we had seen that $\sum_{Q \mid P} c(Q, R) \ge e(R \mid P)$. Set $\varepsilon(R) = 1$ if R falls into this case and $\varepsilon(R) = 0$ else. Then we have in any case $\sum_{Q \mid P} c(Q, R) \ge e(R \mid P) - 1 + \varepsilon(R)$. Hence we get $i(P, K(\alpha) \mid M) = \sum_{Q, R} c(Q, R) \ge \sum_R (e(R \mid P) - 1 + \varepsilon(R)) = i(P, N \mid K(t)) + \sum_R \varepsilon(R)$. But since $i(P, N \mid K(t)) = i(P, K(\alpha) \mid M)$ we have $\sum_R \varepsilon(R) = 0$. This proves the claim.

The second statement can be proven analogously to the first one, by interchanging the role of M and N in the previous results.

Finally, if P is ramified in N then by (i) there is a place R with $1 < e(R \mid P) \mid e(Q \mid P)$ for some place Q in M. Thus P is ramified in M. The other direction follows in the same way from (ii). □

Lemma 4.12. There is at most one finite place in K(t) that is ramified in M. Moreover if there is a place that is ramified in M then it has at most one unramified factor.

Proof. Let P be a finite place in K(t), which is ramified in M. Assume there is a place Q such that $e(Q \mid P) = 1$. Then $\sum_{S \mid Q} d(S \mid Q) = \sum_R c(Q, R) = \sum_R (e(R \mid P) - \gcd(1, e(R \mid P))) = \sum_R (e(R \mid P) - 1) = i(P, N \mid K(t))$. If there are two unramified places $Q_1$ and $Q_2$ then $i(P, K(\alpha) \mid M) \ge \sum_{S \mid Q_1} d(S \mid Q_1) + \sum_{S \mid Q_2} d(S \mid Q_2) \ge 2 i(P, N \mid K(t))$. But since $i(P, K(\alpha) \mid M) = i(P, N \mid K(t))$ this can only be if $i(P, N \mid K(t)) = 0$. Hence P is unramified in N and by Lemma 4.11 unramified in M, in contradiction to our assumption. Thus there can be at most one unramified place over P. If $\rho$ denotes the number of places in M over P we have $1 + 2(\rho - 1) \le \sum e(Q \mid P) = p$ and thus $\rho \le (p + 1)/2$. Therefore $i(P, M \mid K(t)) = p - \rho \ge (p - 1)/2$. But since $\sum_{P \text{ finite}} i(P, M \mid K(t)) = \deg(g_1') < p - 1$ there can be at most one such place in K(t). □

Setting $k = \deg_2(g_1)$, we have $k = \deg_2(g_i) = \deg_2(h_i)$ for i = 1, 2 (see Proposition 6.7 in von zur Gathen et al. (2010)). We have a special case when k = 1. Then $\sum_{P \text{ finite}} i(P, M \mid K(t)) = \deg(g_1') = k - 1 = 0$ and thus there are no ramified places. But since the second degree of the decompositions equals one, we have in this case that $g_i$ and $h_i$ are of the form $x^p - ax$ and $x^p - bx$, respectively. Thus f is an additive polynomial and we are in the Case (i) of Theorem 4.5.

We assume k > 1. Then we have $\sum_{P \text{ finite}} i(P, M \mid K(t)) = k - 1 > 0$ and thus there is a finite place P which is ramified in M. By Lemma 4.12 we have P is the only finite place which is ramified in M and thus $i(P, M \mid K(t)) = k - 1$. By Lemma 4.11 and by interchanging M and N in Lemma 4.12 we get that P is the only place that is ramified in N. Then we have $i(P, M \mid K(t)) = p - \rho_1 = k - 1 = p - \rho_2 = i(P, N \mid K(t))$, where $\rho_1$ and $\rho_2$ are the numbers of places over P in M and N, respectively. Thus $\rho_1 = \rho_2 = p - k + 1 = \ell + 1$ with $\ell = p - k$.

By the correspondence between ramification and multiplicities we get that there is exactly one c in K such that f - c has multiple roots. Then for each automorphism $\sigma$ of K that fixes F we have $f - \sigma(c) = \sigma(f - c)$ has multiple roots and thus $\sigma(c) = c$. This proves that c is in F. We will later see that there is also a root $w \in F$ of f - c, that is f(w) = c. Thus the conjugate $(x - f(w)) \circ f \circ (x + w)$ lies in F[x] and has multiple roots.

Now assume that there is an unramified place $R_0$ over P in N. We will prove that f falls into Case (i) of Theorem 4.5.

Let $R_i$ be the ramified places over P in N with ramification indices $\tilde e_i$, for $0 < i \le \ell$. Then let $e_0$ denote the ramification index in M that is not divided by $\tilde e_1$. If $e_0 \ne 1$ then $e_0$ cannot divide $\tilde e_0 = 1$ and thus it must divide $\tilde e_1$. But this would imply that $e_0$ divides all ramification indices in M, which cannot be. Thus we get $e_0 = 1$. Then $\tilde e_i$ divides all ramification indices in M that are greater than 1, and the other way round. Thus all of these ramification indices are equal, say we have $m = e_i = \tilde e_i$ for all $1 \le i \le \ell$.

Then we get that $g_1 - c$ is of the form $(x - a)\hat g^m$, where a is in K and $\hat g$ is a squarefree polynomial of degree $\ell$. We have that $g_1 - c$ is a polynomial over F and the irreducible factors of $g_1 - c$ over F have only simple roots. Thus $\hat g$ is defined over F and a is in F.

Since $e(S \mid P) = \mathrm{lcm}(e(Q \mid P), e(R \mid P)) = m$ or $= 1$ we get $e(S \mid Q) = m$ if and only if $e(Q \mid P) = 1$ and $e(R \mid P) = m$. Thus only $Q_0$ is ramified in $K(\alpha) \mid M$ and has the same ramification like P in $N \mid K(t)$. Thus as above $h_1 - a$ is of the form $(x - w)\hat h^m$, where $w \in F$ and $\hat h$ is a squarefree polynomial of degree $\ell$. Now we conjugate as follows: $(x - c) \circ f \circ (x + w) = (x - c) \circ g_1 \circ (x + a) \circ (x - a) \circ h_1 \circ (x + w) = x\tilde g^m \circ x\tilde h^m$, with $\tilde g = \hat g \circ (x + a)$ and $\tilde h = \hat h \circ (x + w)$.

To see that we are in Case (i) of Theorem 4.5 we have to prove that $\tilde g$ and $\tilde h$ are of the appropriate form. For a polynomial $g = x\tilde g^m$ the derivative of g is $g' = \tilde g^{m-1}(\tilde g + m x \tilde g')$. If $a_i$ are the coefficients of $\tilde g$ then we have $\tilde g + m x \tilde g' = \sum_i (a_i + m i a_i) x^i$. Let $\ell'$ be the degree of $\tilde g + m x \tilde g'$. Then $k - 1 = \deg(g') = (m - 1)\ell + \ell' = m\ell - \ell + \ell' = p - \ell - 1 + \ell' = k - 1 + \ell'$ and thus $\ell' = 0$. But this means that we have $a_i + m i a_i = 0$ for all $1 \le i \le \ell$. For $1 \le i < \ell$ this is the case only if $a_i = 0$. Thus we get $\tilde g = (x^\ell - a)$ and g is of the form as claimed.

Now we consider the other case, where there is no unramified place over P in N. Then there is neither one in M. To prove that we are actually in Case (ii), we first prove that $\ell = 1$. For this purpose we translate Lemma 4.11 into the language of graphs. Let $V = A \cup B$ be the set of vertices, where $A = \{e_i : 0 \le i \le \ell\}$ and $B = \{\tilde e_i : 0 \le i \le \ell\}$. Let the set of edges E consist of $(e_i, \tilde e_j)$ if $e_i \mid \tilde e_j$ and of $(\tilde e_i, e_j)$ if $\tilde e_i \mid e_j$. Then this yields a directed bipartite graph with outdegree $\delta(v) = \ell$ for each $v \in V$. Note that if there is a vertex in A which is connected to all other vertices in A then we get that the gcd of all $e_i$ is greater than one, which is a contradiction.

Lemma 4.13. Let G = (V, E) be a directed bipartite graph, with bipartition $V = A \cup B$. Assume A and B have the same cardinality $\ell + 1 > 2$ and the outdegree of each vertex equals $\ell$. Then there is $a \in A$ such that a is connected to all vertices in A or there is $b \in B$ such that b is connected to all vertices in B.

Proof. Assume that there are $a_0$ and $a_1$ in A such that there is no $a_1$-$a_0$ path (if such $a_0$ and $a_1$ would not exist we would be done). Since the outdegree of $a_1$ is $\ell$, there is $b_0$ in B such that $(a_1, b_0) \notin E$. Then for all b in $B' = B \setminus \{b_0\}$ there is an edge $(a_1, b)$ and thus no edge $(b, a_0)$. If now $(b_0, a_1)$ is in G then $b_0$ is connected to all b in B' via $a_1$ and we would be done. Thus we assume that $(b_0, a_1)$ is not in G.

We claim that $G' = G \setminus \{a_0, b_0\}$ is a complete bipartite graph. We have already seen that for each $b \in B'$ the edge $(b, a_0)$ is not in G. Thus b has outdegree $\ell$ in G'. Let a be in $A' = A \setminus \{a_0\}$. Then a has outdegree $\ell$ in G and it would have less outdegree in G' only if there would be $(a, b_0)$ in G. Then for b in B' we get that $(a_1, b), (b, a), (a, b_0), (b_0, a_0)$ is an $a_1$-$a_0$ path, which is a contradiction to our assumption. Thus G' is complete.

Since the outdegree of $a_0$ is $\ell > 1$ there is a $b_1$ in B' such that $(a_0, b_1)$ is in G. Let b be any vertex in B'. Since G' is complete there is a $b_1$-$b$ path p. But then $(b_0, a_0), (a_0, b_1), p$ is a $b_0$-$b$ path and thus $b_0$ is connected to all vertices in B. □

By the previous discussion we know that $\ell = 1$ and therefore P splits exactly into two ramified places in both fields, M and N, say $P = Q_0^m Q_1^{p-m}$ in M and $P = R_0^m R_1^{p-m}$ in N, with 1 < m < p - 1. But this means that $g_1 - c$ is of the form $(x - a)^m (x - \tilde a)^{p-m}$, for suitable $a, \tilde a \in F$.

Now there are gcd(m, m) = m places S over $Q_0$ and $R_0$. For such a place we have $e(S \mid Q_0) = \mathrm{lcm}(m, m)/m = 1$. Furthermore there is one place S over $Q_0$ and $R_1$ with $e(S \mid Q_0) = \mathrm{lcm}(m, p - m)/m = p - m$. Thus $h_1 - a$ is of the form $(x - b)^{p-m} q$, where q is a squarefree polynomial of degree m. Similarly we get $h_1 - \tilde a = (x - \tilde b)^m \tilde q$. It is left to prove that $a$, $\tilde a$, $b$, and $\tilde b$ are in F. Assume $a$ and $\tilde a$ would not be in F. Then $(x - a)(x - \tilde a)$ must be an irreducible factor of $g_1 - c$. But then m = p - m which is a contradiction (note that for p = 2 there is anyway no such m). Similarly we get that $b$ and $\tilde b$ are in F. By conjugating f with x + w for $w \in \{b, \tilde b\}$, we achieve the desired form.

Finally we note that the case, in which the polynomial falls, depends on 
whether there is an unramified place over P or not. Thus the two cases are 
distinct. This finishes the proof of Theorem 4.5. 

4.3. Parametrization. The polynomials examined in Section 6 in von zur 
Gathen et al. (2010) fall into Case (i) of Theorem 4.5. 

Theorem 4.14. For parameters $\varepsilon \in \{0, 1\}$, $u, s \in F^\times$ and $\ell$ a positive divisor of p - 1 let f be the polynomial

$f = x(x^{\ell(p+1)} - \varepsilon u s^p x^\ell + u s^{p+1})^m$,

with $m = (p - 1)/\ell$. Then f has for each root t of $x^{p+1} - \varepsilon u x + u$ in F a decomposition (g, h) with $g = x(x^\ell - u s^p t^{-1})^m$ and $h = x(x^\ell - st)^m$. These decompositions are pairwise distinct and there are no other possible decompositions of f.

Proof. See Theorem 6.2 in von zur Gathen et al. (2010). □

Corollary 4.15. All polynomials which fall into Case (i) of Theorem 4.5 can be parametrized as in Theorem 4.14.

Proof. We have $g = x(x^\ell - a)^m$ and $h = x(x^\ell - b)^m$ for suitable a and b in $F^\times$. Then we get $f = x(x^\ell - b)^m((x(x^\ell - b)^m)^\ell - a)^m = x(x^{\ell(p+1)} - (b^p + a)x^\ell + ab)^m$. Now define $\varepsilon = 0$ if $b^p + a = 0$, else define $\varepsilon = 1$. In case $\varepsilon = 0$ we set s = 1, t = b, and u = ab. If $\varepsilon = 1$ we set $s = ab(b^p + a)^{-1}$, $t = b/s$, and $u = ab/s^{p+1}$. In both cases we have that u, s, and t are in F and the equations $t^{p+1} - \varepsilon u t + u = 0$, $b = st$, and $a = u s^p t^{-1}$ hold as claimed. □
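The parametrization of Theorem 4.14 and the inverse map from the proof of Corollary 4.15 can be checked by direct computation. The following Python sketch is an added example, not part of the thesis; it assumes that F is the prime field with p elements, and the function names and the parameters p = 5, ε = 1, u = 2, s = 1, ℓ = 2 are constructed for illustration.

```python
"""Theorem 4.14 and Corollary 4.15 checked over the prime field F_p.
Polynomials are coefficient lists, lowest degree first, reduced mod p."""

def trim(a):
    a = list(a)
    while a and a[-1] == 0:
        a.pop()
    return a

def add(a, b, p):
    n = max(len(a), len(b))
    a, b = a + [0] * (n - len(a)), b + [0] * (n - len(b))
    return trim([(x + y) % p for x, y in zip(a, b)])

def mul(a, b, p):
    if not a or not b:
        return []
    out = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % p
    return trim(out)

def power(a, e, p):
    out = [1]
    for _ in range(e):
        out = mul(out, a, p)
    return out

def compose(g, h, p):
    """Return the composition g o h, evaluated by Horner's rule."""
    out = []
    for c in reversed(g):
        out = add(mul(out, h, p), [c % p], p)
    return out

def x_binomial_power(l, c, m, p):
    """Return x * (x^l - c)^m, the shape of g and h in Case (i)."""
    return mul([0, 1], power([(-c) % p] + [0] * (l - 1) + [1], m, p), p)

def family_f(p, eps, u, s, l):
    """f = x (x^(l(p+1)) - eps u s^p x^l + u s^(p+1))^m with m = (p-1)/l."""
    m = (p - 1) // l
    inner = [0] * (l * (p + 1) + 1)
    inner[0] = u * pow(s, p + 1, p) % p
    inner[l] = -eps * u * pow(s, p, p) % p
    inner[-1] = 1
    return mul([0, 1], power(inner, m, p), p)

def roots_T(p, eps, u):
    """Roots t in F_p of x^(p+1) - eps u x + u."""
    return [t for t in range(p) if (pow(t, p + 1, p) - eps * u * t + u) % p == 0]

def decompositions(p, eps, u, s, l):
    """One pair (g, h) per root t, with a = u s^p / t and b = s t."""
    m = (p - 1) // l
    out = []
    for t in roots_T(p, eps, u):
        a = u * pow(s, p, p) * pow(t, -1, p) % p
        b = s * t % p
        out.append((t, x_binomial_power(l, a, m, p), x_binomial_power(l, b, m, p)))
    return out

def params_from_ab(p, a, b):
    """Corollary 4.15: recover (eps, u, s, t) from nonzero a and b."""
    d = (pow(b, p, p) + a) % p
    if d == 0:
        return 0, a * b % p, 1, b % p
    s = a * b * pow(d, -1, p) % p
    t = b * pow(s, -1, p) % p
    u = a * b * pow(pow(s, p + 1, p), -1, p) % p
    return 1, u, s, t

def collision_report(p, eps, u, s, l):
    f = family_f(p, eps, u, s, l)
    decs = decompositions(p, eps, u, s, l)
    return {
        "degree": len(f) - 1,
        "roots": [t for t, _, _ in decs],
        "all_compose_to_f": all(compose(g, h, p) == f for _, g, h in decs),
        "count": len(decs),
        "bound": (p * p - 1) // (p - 1),  # Corollary 3.26 (i) with n = p^2, d = p
    }

if __name__ == "__main__":
    print(collision_report(5, 1, 2, 1, 2))
```

Over the prime field with 5 elements only two of the possible p + 1 = 6 roots t exist, so this f has two decompositions there; the remaining ones appear only over a larger field.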

Note that if the field F is large enough, the polynomial $x^{p+1} - \varepsilon u x + u$ has p + 1 roots and thus f has p + 1 (minimal) decompositions. This is another example that shows that the bounds in Section 3.4 are sharp. Still open is a closer examination of the polynomials falling into Case (ii).